Analyse score
1 antivirus vendor flagged this file as malicious
Signature
Signed file, invalid signature
Last scanned
First submission
File type
exe
CRC32 | 0x83e2ad5 |
---|---|
MD5 | 752c3df9c7928126a6bf136f44dbe889 |
Magic | PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed |
SHA1 | 204c88435b9b35e1e35e482d9b2c09d4abe1f318 |
SHA256 | b47f74ff4a5626041930e2af9ed945635401f1d25c131a066ae419190832b6be |
SHA512 | a9443d1598d5867708957a7b51f38f1943abde41890282e1de29ec844767d99e9df6b032eec5ae5e10137dc900315d1a061aac44011dc26b5d5c21d01c5aebb9 |
SSDeep | 24576:m6GnSZ6ML4sdPi0IUh+e25NwDhuOTQ8dleuDZ1wbGOLLm4iglP+4NKm0KoVUUUUS:mcnPDh+eGNYuOTQ8bDkSKmYP+d8oVUUG |
Size | 1.39MB |
Packer | |
TrID | |
Tags | |
CharacterSet | Windows, Latin1 |
---|---|
CodeSize | 1.35MB |
CompanyName | 西西软件园 |
EntryPoint | 0x4ee0a0 |
ExifToolVersionNumber | 12.64 |
FileDescription | www.cr173.com |
FileFlags | (none) |
FileFlagsMask | 0x003f |
FileOs | Win32 |
FileSize | 1458 kB |
FileSubtype | 0 |
Published | Name | Source | Country |
---|---|---|---|
xixiServerMonitor.exe | web | CN |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious | Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational | C2 | Behavior |
Deletes itself after process termination | suspicious | Stealth | Behavior |
Write a file to the startup folder | suspicious | Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious | Signature | Yara |